<?php
/**
 * 
 * 
 * $Rev: 7 $
 * $Author: thejahweh $
 * $Date: 2010-09-01 07:30:00 +0000 (Wed, 01 Sep 2010) $
 * $Id: user.class.php 7 2010-09-01 07:30:00Z thejahweh $
 * $URL: http://allone.googlecode.com/svn/trunk/plugins/rbac/user.class.php $
 * @author: Adrian Liechti <info@jahweh.ch>
 * @copyright: 2010 Adrian Liechti, GPL3 and CC3 BY-SA
 */

class user {
	
	public $id;
	public $name;
	public $password;
	public $mail;
	public $editMode = false;
	public $isLoaded = false;
	public static $passwordHash = 'whirlpool';
	public static $passwordHashA = 'md5';
	public static $passwordHashB = false;
	public static $passwordHashC = false;
	public static $passwordSalt = '[@¬¢%)"{ä!]';
	public static $cookieLifeTime = 2592000;
	public static $cookieName = 'login';
	public static $cookieDelimiter = '-|-';
	
	public function __construct () {
	
	}
	
	public function getUser ($id) {
		global $db;
		$u = $db->query("
			SELECT *
			FROM users
			WHERE
				user_id = ".$db->quote($id)."
			LIMIT 1;");
		if ($u !== false and $u->setFetchMode(PDO::FETCH_ASSOC) and $r = $u->fetch()) {
			return $this->getByArray($r);
		} else {
			return false;
		}
	}
	
	public function getByLogin ($name, $password, $noHash = false) {
		global $db;
		$u = $db->query("
			SELECT *
			FROM users
			WHERE
				name = ".$db->quote($name)." AND
				password = ".$db->quote(($noHash ? $password : user::hash($password)))."
			LIMIT 1;");
		if ($u !== false and $u->setFetchMode(PDO::FETCH_ASSOC) and $r = $u->fetch()) {
			return $this->getByArray($r);
		} else {
			return false;
		}
	}
	
	private function getByArray (&$u) {
		global $db;
		if (isset($u['user_id'], $u['name'], $u['password'], $u['mail'])) {
			$this->id		=& $u['user_id'];
			$this->name		=& $u['name'];
			$this->password	=& $u['password'];
			$this->mail		=& $u['mail'];
			return $this->isLoaded = true;
		} else {
			return $this->isLoaded = false;
		}
	}
	
	public function newUser () {
		
	}
	
	public function setSession () {
		$_SESSION['user_id'] = $this->id;
		$_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR'];
	}
	
	public function removeSession () {
		unset($_SESSION['user_id']);
		unset($_SESSION['user_ip']);
	}
	
	public function setCookie () {
		setcookie(self::$cookieName, 
			base64_encode($this->name.user::$cookieDelimiter.$this->password), 
			time()+self::$cookieLifeTime, 
			'/', 
			'.'.$_SERVER['HTTP_HOST']);
	}
	
	public function removeCookie () {
		setcookie(self::$cookieName, '', time()-self::$cookieLifeTime, '/', '.'.$_SERVER['HTTP_HOST']);
	}
	
	public static function hash ($password, $trace = false) {
		$l	= strlen($password);
		$l1	= $l / 2;
		$l2	= -($l1);
		$a	= substr($password, 0, $l2);
		$b	= substr($password, $l2, $l1);
		$ha = (self::$passwordHashA === false ? $a					: hash(self::$passwordHashA, $a));
		$hb = (self::$passwordHashB === false ? $b					: hash(self::$passwordHashB, $b));
		$hc = (self::$passwordHashC === false ? self::$passwordSalt	: hash(self::$passwordHashC, self::$passwordSalt));
		$h	= $hb.$hc.$ha;
		$hash = hash(self::$passwordHash, $h);
		if ($trace === true) {
			u::o('hashVars', 'user:hash', 3);
			u::o('password:   <span class="var">'.$password.'</span>', 'user:hash', 4);
			u::o('aPassword:  <span class="var">'.$a.'</span>', 'user:hash', 4);
			u::o('bPassword:  <span class="var">'.$b.'</span>', 'user:hash', 4);
			u::o('cSalt:      <span class="var">'.self::$passwordSalt.'</span>', 'user:hash', 4);
			u::o('aHash:      <span class="var">'.$ha.'</span>', 'user:hash', 4);
			u::o('bHash:      <span class="var">'.$hb.'</span>', 'user:hash', 4);
			u::o('cHash:      <span class="var">'.$hc.'</span>', 'user:hash', 4);
			u::o('dHash:      <span class="var">'.$h.'</span>', 'user:hash', 4);
			u::o('Hash:       <span class="var">'.$hash.'</span>', 'user:hash', 4);
		}
		return $hash;
	}
	
	
}
?>